Privacy Notices

Privacy Notice - Members of Headway Shropshire:

As a member of Headway Shropshire, we take your privacy rights seriously. This document explains how we obtain, process, store and share your personal information, in accordance with the General Data Protection Regulation (GDPR) 2018.

Please click the headings for more information on each topic:

What information do we collect from you?

We keep records about your membership. This may include:

We hold some of your records on paper and some electronically on a secure computer system.

Why do we collect those information?

Your information is used solely to enable us to administer your membership.

Who might we share  your information with?

We do not share your membership information with third parties except external storage providers where any information is kept secure and confidential.

You always have the right to refuse or withdraw your consent to information being shared in this way, but this could affect your ongoing membership.

Your membership information will never be shared for marketing purposes.

Further information:

If you need more information on what personal information we share, you can contact us – contact details at the end of this document.

How do we keep your information secure?

For more information on how we keep your information safe, you can email us – contact details at the end of this document.

How long do we keep your information?

Your membership information will be kept for seven years after your membership ends. When the time comes, we will always dispose of your information securely.

How can I access the information you hold about me?

You have the right to see any of your information that we have on file, whether electronically or on paper, except for certain information, for example:

You have a right to see the information we hold about you, both on paper or electronic, except for information that:

You may request to see your information at any time. Your request has to be made in writing. We will need to see proof of identity before releasing your personal information.

Your request should be sent to the Data Controller – address at the end of this document.

How can I stop you holding my information?

To stop us holding information about you, you can withdraw your consent to this by contacting us – contact details at the end of this document. Please note that if you choose to withdraw your consent in this way, we may no longer be able to offer membership to you.

Privacy Notice - Employees of Headway Shropshire:

As an employee or volunteer of Headway Shropshire, we take your privacy rights seriously. This document explains how we obtain, process, store and share your personal information, in accordance with the General Data Protection Regulation (GDPR) 2018.

What information do we collect from you?

We keep records that may include:

  • Your basic details, such as name, address, date of birth, National Insurance number, phone number and email address
  • Bank details
  • Copies of identity documents
  • Copies of Disclosure and Barring Service checks
  • Contact details for your next of kin
  • Information on medication and allergies
  • Personnel records such as absence data, job title, employment contract, disciplinary records, records of meetings and supervisions, training you have received
  • Financial information such as salary/pay rate, pension details
  • PAYE and National Insurance records, tax code
  • Medical insurance details
  • Payment records, for example payment of salary/wages, expenses, tax and National Insurance

We hold some of your records on paper and some electronically on a secure computer system.

Why do we collect this information?

Your information is used to enable us to employ you and to administer your employment in line with legislation, your employment contract, your needs and your preferences.

Who might we share your information with?

We may share appropriate parts of your personal information, and only when necessary, with the following:

  • HMRC and other Government agencies in order to carry out our Statutory duties, for example paying PAYE tax and National Insurance relating to your employment
  • Headway Shropshire’s solicitor if we require legal advice on any aspect of your employment/placement
  • the emergency services in cases of emergency
  • our pension scheme provider to enable us to provide pension scheme membership to you
  • our medical insurance provider (if you have given explicit consent) to enable us to provide medical insurance to you
  • our bank, to enable payment of your salary or wages

You always have the right to refuse or withdraw your consent to information being shared in this way, but this could affect your employment and we are required by law to share some information in order to carry out our Statutory duties.

Please also note that your right to confidentiality may be overridden in certain circumstances when we have to share information about you with others. This is unusual, but in these circumstances we do not need your consent to share necessary information. Here are some examples:

  • We believe there is a risk of you being seriously harmed if we do not share information
  • We believe there is a risk of someone else being seriously harmed if we do not share information
  • We have been asked to provide information by a Court
  • Information is needed for the investigation of a serious crime
  • If your information needs to be shared for other legal or public health reasons, such as certain infectious illnesses

Your personal information will never be shared for insurance or other marketing purposes.

Further information:

If you need more information on what personal information we share, you can contact us – contact details at the end of this document.

How we keep your information secure?

    • Paper-based information is kept in locked cabinets with access being restricted to those staff who need it.
    • Computerised records are stored and accessed as follows:
    • Your information may be stored on a fileserver or on individual PCs. These machines are protected by usernames and passwords, with access restricted to those who need it.
    • Your information may be stored in external systems provided by third party organisations. We carry out due diligence to obtain evidence from suppliers to confirm that these systems meet the required data security standards, so that we can be sure that your information will be safe with them.
    • Some of your information may be accessed via secure web page or web application, again protected by username and password, with access restricted to those who need it, and with all data transmitted across the internet in encrypted form.
    • Some of your data may be accessible by mobile devices such as tablet computers or smartphones. This access is protected by username and password, with access restricted to those who need it, and with all data transmitted across the internet in encrypted form.
  • All employees receive training on data confidentiality to remind them of their obligations to keep your data safe and confidential.
  • All employees and the organisations we deal with have legal obligations to safeguard your confidentiality.
  • We have an Information Security policy in place to ensure that staff comply with security procedures.
  • We have a disciplinary policy to deal with any incident where confidentiality has been broken, and to discourage this from happening.
  • For more information on how we keep your information safe, you can email us – contact details at the end of this document.

How long do we keep your information?

Your personal information will be kept for seven years after you leave our employment. When the time comes, we will always dispose of your information securely.

How can I access the informataion you hold about me?

You have the right to see any of your information that we have on file, whether electronically or on paper, except for certain information, for example:

You have a right to see the information we hold about you, both on paper or electronic, except for information that:

  • Information that has been given to us by someone else without permission for you to see it
  • Information that relates to criminal offences or is being used to detect or prevent crime
  • Information that, if released to you, could cause harm to you, or to someone else

You may request to see your information at any time. Your request has to be made in writing. We will need to see proof of identity before releasing your personal information.

Your request should be sent to the Data Controller – address at the end of this document.

How can I stop you holding information about me?

To stop us holding information about you, you can withdraw your consent to this by contacting us – contact details at the end of this document. Please note that if you choose to withdraw your consent in this way, we may no longer be able to provide employment to you.

We are legally bound to retain your personal information for seven years after you leave our employment even if you request that it should be deleted. This is because the social care legislation overrides the General Data Protection Regulations on this point.

Privacy Notice - Volunteers and Trustees of Headway Shropshire:

As a volunteer or Trustee of Headway Shropshire, we take your privacy rights seriously. This document explains how we obtain, process, store and share your personal information, in accordance with the General Data Protection Regulation (GDPR) 2018.

What information do we collect from you?

We keep records that may include:

  • Your basic details, such as name, address, date of birth, National Insurance number, phone number and email address
  • Bank details
  • Copies of identity documents
  • Copies of Disclosure and Barring Service checks
  • Contact details for your next of kin
  • Information on medication and allergies
  • Personnel records such as absence data, job title, employment contract, disciplinary records, records of meetings and supervisions, training you have received
  • Financial information such as salary/pay rate, pension details
  • PAYE and National Insurance records, tax code
  • Medical insurance details
  • Payment records, for example payment of salary/wages, expenses, tax and National Insurance

We hold some of your records on paper and some electronically on a secure computer system.

Why do we collect this information?

Your information is used to enable us to employ you and to administer your employment in line with legislation, your employment contract, your needs and your preferences.

Who might we share your information with?

We may share appropriate parts of your personal information, and only when necessary, with the following:

  • HMRC and other Government agencies in order to carry out our Statutory duties, for example paying PAYE tax and National Insurance relating to your employment
  • Headway Shropshire’s solicitor if we require legal advice on any aspect of your employment/placement
  • the emergency services in cases of emergency
  • our pension scheme provider to enable us to provide pension scheme membership to you
  • our medical insurance provider (if you have given explicit consent) to enable us to provide medical insurance to you
  • our bank, to enable payment of your salary or wages

You always have the right to refuse or withdraw your consent to information being shared in this way, but this could affect your employment and we are required by law to share some information in order to carry out our Statutory duties.

Please also note that your right to confidentiality may be overridden in certain circumstances when we have to share information about you with others. This is unusual, but in these circumstances we do not need your consent to share necessary information. Here are some examples:

  • We believe there is a risk of you being seriously harmed if we do not share information
  • We believe there is a risk of someone else being seriously harmed if we do not share information
  • We have been asked to provide information by a Court
  • Information is needed for the investigation of a serious crime
  • If your information needs to be shared for other legal or public health reasons, such as certain infectious illnesses

Your personal information will never be shared for insurance or other marketing purposes.

Further information:

If you need more information on what personal information we share, you can contact us – contact details at the end of this document.

How we keep your information secure?

    • Paper-based information is kept in locked cabinets with access being restricted to those staff who need it.
    • Computerised records are stored and accessed as follows:
    • Your information may be stored on a fileserver or on individual PCs. These machines are protected by usernames and passwords, with access restricted to those who need it.
    • Your information may be stored in external systems provided by third party organisations. We carry out due diligence to obtain evidence from suppliers to confirm that these systems meet the required data security standards, so that we can be sure that your information will be safe with them.
    • Some of your information may be accessed via secure web page or web application, again protected by username and password, with access restricted to those who need it, and with all data transmitted across the internet in encrypted form.
    • Some of your data may be accessible by mobile devices such as tablet computers or smartphones. This access is protected by username and password, with access restricted to those who need it, and with all data transmitted across the internet in encrypted form.
  • All employees receive training on data confidentiality to remind them of their obligations to keep your data safe and confidential.
  • All employees and the organisations we deal with have legal obligations to safeguard your confidentiality.
  • We have an Information Security policy in place to ensure that staff comply with security procedures.
  • We have a disciplinary policy to deal with any incident where confidentiality has been broken, and to discourage this from happening.
  • For more information on how we keep your information safe, you can email us – contact details at the end of this document.

How long do we keep your information?

Your personal information will be kept for seven years after you leave our employment. When the time comes, we will always dispose of your information securely.

How can I access the informataion you hold about me?

You have the right to see any of your information that we have on file, whether electronically or on paper, except for certain information, for example:

You have a right to see the information we hold about you, both on paper or electronic, except for information that:

  • Information that has been given to us by someone else without permission for you to see it
  • Information that relates to criminal offences or is being used to detect or prevent crime
  • Information that, if released to you, could cause harm to you, or to someone else

You may request to see your information at any time. Your request has to be made in writing. We will need to see proof of identity before releasing your personal information.

Your request should be sent to the Data Controller – address at the end of this document.

How can I stop you holding information about me?

To stop us holding information about you, you can withdraw your consent to this by contacting us – contact details at the end of this document. Please note that if you choose to withdraw your consent in this way, we may no longer be able to provide employment to you.

We are legally bound to retain your personal information for seven years after you leave our employment even if you request that it should be deleted. This is because the social care legislation overrides the General Data Protection Regulations on this point.

Privacy Notice - Clients of Headway Shropshire:

As a volunteer or Trustee of Headway Shropshire, we take your privacy rights seriously. This document explains how we obtain, process, store and share your personal information, in accordance with the General Data Protection Regulation (GDPR) 2018.

What information do we collect from you?

We keep records that may include:

  • Your basic details, such as name, address, date of birth, National Insurance number, phone number and email address
  • Bank details
  • Copies of identity documents
  • Copies of Disclosure and Barring Service checks
  • Contact details for your next of kin
  • Information on medication and allergies
  • Personnel records such as absence data, job title, employment contract, disciplinary records, records of meetings and supervisions, training you have received
  • Financial information such as salary/pay rate, pension details
  • PAYE and National Insurance records, tax code
  • Medical insurance details
  • Payment records, for example payment of salary/wages, expenses, tax and National Insurance

We hold some of your records on paper and some electronically on a secure computer system.

Why do we collect this information?

Your information is used to enable us to employ you and to administer your employment in line with legislation, your employment contract, your needs and your preferences.

Who might we share your information with?

We may share appropriate parts of your personal information, and only when necessary, with the following:

  • HMRC and other Government agencies in order to carry out our Statutory duties, for example paying PAYE tax and National Insurance relating to your employment
  • Headway Shropshire’s solicitor if we require legal advice on any aspect of your employment/placement
  • the emergency services in cases of emergency
  • our pension scheme provider to enable us to provide pension scheme membership to you
  • our medical insurance provider (if you have given explicit consent) to enable us to provide medical insurance to you
  • our bank, to enable payment of your salary or wages

You always have the right to refuse or withdraw your consent to information being shared in this way, but this could affect your employment and we are required by law to share some information in order to carry out our Statutory duties.

Please also note that your right to confidentiality may be overridden in certain circumstances when we have to share information about you with others. This is unusual, but in these circumstances we do not need your consent to share necessary information. Here are some examples:

  • We believe there is a risk of you being seriously harmed if we do not share information
  • We believe there is a risk of someone else being seriously harmed if we do not share information
  • We have been asked to provide information by a Court
  • Information is needed for the investigation of a serious crime
  • If your information needs to be shared for other legal or public health reasons, such as certain infectious illnesses

Your personal information will never be shared for insurance or other marketing purposes.

Further information:

If you need more information on what personal information we share, you can contact us – contact details at the end of this document.

How we keep your information secure?

    • Paper-based information is kept in locked cabinets with access being restricted to those staff who need it.
    • Computerised records are stored and accessed as follows:
    • Your information may be stored on a fileserver or on individual PCs. These machines are protected by usernames and passwords, with access restricted to those who need it.
    • Your information may be stored in external systems provided by third party organisations. We carry out due diligence to obtain evidence from suppliers to confirm that these systems meet the required data security standards, so that we can be sure that your information will be safe with them.
    • Some of your information may be accessed via secure web page or web application, again protected by username and password, with access restricted to those who need it, and with all data transmitted across the internet in encrypted form.
    • Some of your data may be accessible by mobile devices such as tablet computers or smartphones. This access is protected by username and password, with access restricted to those who need it, and with all data transmitted across the internet in encrypted form.
  • All employees receive training on data confidentiality to remind them of their obligations to keep your data safe and confidential.
  • All employees and the organisations we deal with have legal obligations to safeguard your confidentiality.
  • We have an Information Security policy in place to ensure that staff comply with security procedures.
  • We have a disciplinary policy to deal with any incident where confidentiality has been broken, and to discourage this from happening.
  • For more information on how we keep your information safe, you can email us – contact details at the end of this document.

How long do we keep your information?

Your personal information will be kept for seven years after you leave our employment. When the time comes, we will always dispose of your information securely.

How can I access the informataion you hold about me?

You have the right to see any of your information that we have on file, whether electronically or on paper, except for certain information, for example:

You have a right to see the information we hold about you, both on paper or electronic, except for information that:

  • Information that has been given to us by someone else without permission for you to see it
  • Information that relates to criminal offences or is being used to detect or prevent crime
  • Information that, if released to you, could cause harm to you, or to someone else

You may request to see your information at any time. Your request has to be made in writing. We will need to see proof of identity before releasing your personal information.

Your request should be sent to the Data Controller – address at the end of this document.

How can I stop you holding information about me?

To stop us holding information about you, you can withdraw your consent to this by contacting us – contact details at the end of this document. Please note that if you choose to withdraw your consent in this way, we may no longer be able to provide employment to you.

We are legally bound to retain your personal information for seven years after you leave our employment even if you request that it should be deleted. This is because the social care legislation overrides the General Data Protection Regulations on this point.

Contact Details:

The Data Controller 
Headway Shropshire Limited
Holsworth Park
Oxon Business Park
Shrewsbury
SY3 5HJ

Email: hr@headwayshropshire.org.uk

Telephone: 01743 365271